The differences demystified – Encryption, hashing, obfuscation and encoding
There is considerable confusion regarding what demarcates encryption, hashing, encoding, and obfuscation.
Let’s observe each one, one-by-one.
The rationale behind encoding is to transform information so that it can be correctly, safely, consumed by a differing variant of system, for example, binary data being transmitted via email, or the viewing of special characters on a web page. The objective is not to retain the secrecy of data, but instead to make sure that it’s ready to be consumed in an appropriate fashion.
Encoding, in essence, converts information into another format leveraging a scheme that is publicly available so it can be simply be reversed. It does not need a key as the only thing needed in order to undertake decoding is the algorithm that was leveraged in its encoding.
Instances: UNICODE, ASCII, URL Encoding, BASE64
The rationale behind encryption is to convert data in order to retain its secrecy from other individuals, for example delivering to an individual a secret letter that is meant for their eyes only, or securely transmitting a password through the internet. Instead of concentrating on usability, the objective is to make sure the information is not open to consumption by anybody other than the desired recipient(s) – for example, malicious actors.
Encryption converts information into another format in a fashion that just particular persons can reverse that conversion. It leverages a key, which is kept in secrecy, in combination with the plaintext and the algorithm, in order to carry out the encryption operation. As such, the algorithm, ciphertext, and key are all needed to return to the plaintext.
Instances: AES, BLOWFISH, RSA
The rationale behind hashing is ensuring integrity, i.e. making it so that if anything is modified you can be aware that it’s modified. Technically, hashing takes random input and generate a static-length string that possesses the following traits:
- The same input will always generate the same output.
- Several disparate inputs should not generate the same output.
- It should not be feasible to go from the output to the input.
- Any alteration of a provided input should have the outcome of dramatic alteration to the hash.
Hashing is leveraged in combination with authentication to generate robust evidence that a provided message has not been altered. This is achieved by taking a provided input, hashing it, and then signing the hash with the sender’s private key.
When the recipient obtains the message, they can subsequently authenticate the signature of the hash with the sender’s public key and then hash the message themselves and contrast it to the hash that was signed by the sender. If they match it is an unaltered message, delivered by the right individual.
Instances: SHA-3, MD5 (currently obsolete), etc.
The rationale behind obfuscation is to make something more difficult to comprehend, typically for the purposes of making it tougher to attack or to copy.
One typical use is the obfuscation of source code so that it’s tougher to duplicate a provided product if it is reverse engineered.
It’s critical to observe that obfuscation is not a robust control (like correctly deployed encryption) but instead a hurdle. It, a lot like encoding, can usually be reversed by leveraging the same strategy that obfuscated it. Other times it is merely a manual process that takes a ton of time to operate through.
Another critical thing to know with regards to obfuscation is that there is a restriction to how obscure the code can turn, dependent on the content being obscured. If you are in the process of obscuring computer coding, dependent on the content being obscured. In the instance of obscuring computer code, the restriction is that the outcome must still be consumable by the computer or else the application will stop functioning.
- Encoding is for the upkeep of data usability and can be reversed by deploying the same algorithm that undertook encoding of the content, that is, no key is leveraged.
- Encryption is for the upkeep of data confidence and needs the leveraging of a key (which is kept in secrecy) in order to return to plaintext.
- Hashing is for validation of the integrity of content through identification all alteration thereof through overt alterations to the hash output.
- Obfuscation is leveraged to prevent individuals from comprehending the meaning of something, and is usually leveraged with computer code to assist in prevention of successful reverse engineering and/or theft of a product’s functionality.
You might query when obfuscation would be leveraged rather than encryption, and the solution is that obfuscation is leveraged to make it more difficult for a singular entity to comprehend (such as a human agent) while still being simple to consume for something else (such as a computer). With encryption, neither a human being or a computer could interpret the content with no key.